I'm currently a Malware Analyst/Reverse Engineer. I also have some experience in Network/Web App Penetration Testing, exploit development.

Before I got a job doing this stuff I read a few good books on the subject, paid to get a few certifications, got my degree.

I would like to round out my security skills with more of the defensive/Blue Team/incident response skills. I'm aware that no one can be an expert in every area but I would like to be at least a little familiar in these areas.

Is there any good resources for this? I know I could fork out the money for some SANS classes but I would rather not do that. I've pre-ordered richard bejtlich new book Practical Network Monitoring that should be out this July. Any other good resources like this to get a good understanding and practical application?